Malware, Ransomware and Account Takeover
Opening Hook
In 2017 a cyberattack called
WannaCry swept across the world
in a matter of hours.
It infected over 200,000 computers
across 150 countries.
It shut down hospitals in the
United Kingdom – forcing staff
to turn away patients and
cancel surgeries.
It disrupted banks, telecoms
companies, and government
agencies across Europe, Asia,
and Africa.
It did not discriminate by
industry, country, or size.
It was ransomware.
And it started with a single
unpatched vulnerability –
software that had not been updated.
This topic is about understanding
the technical threats that sit
alongside social engineering –
the malicious software and
account takeover techniques
that cause real damage to
real people and organisations
every single day.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
1. What Is Malware?
Malware is malicious software –
any programme designed to
infiltrate, damage, or exploit
a device, network, or system
without the user’s consent.
The word is a combination
of malicious and software.
It is delivered through:
• Email attachments
• Malicious downloads from
unofficial websites
• Infected USB drives
• Compromised websites that
install software when visited
• Fake apps downloaded outside
official app stores
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
2. Types of Malware
2.1 Viruses
A virus is a piece of malicious
code that attaches itself to
legitimate files and replicates
when those files are shared or executed.
Like a biological virus –
it spreads from host to host,
corrupting files and consuming
system resources as it goes.
2.2 Trojans
Named after the Trojan Horse
of Greek mythology – a Trojan
is malicious software disguised
as something legitimate.
It might appear as:
• A free version of paid software
• A useful tool or utility
• A game or entertainment app
• A document sent by a
seemingly trusted contact
Once installed it gives
attackers access to your device.
2.3 Spyware
Software that secretly monitors
your activity and collects
information without your knowledge.
It can:
• Record keystrokes – capturing
passwords as you type them
• Take screenshots of your activity
• Access your camera and microphone
• Track your location
• Harvest stored passwords
and financial information
2.4 Adware
Software that displays unwanted
advertisements – often bundled
with free software downloads.
While less dangerous than other
malware types it can slow systems,
redirect browsers, and in some
cases act as a gateway for
more serious threats.
2.5 Worms
Self-replicating malware that
spreads across networks without
requiring user action –
unlike viruses they do not
need to attach to existing files.
WannaCry was a worm –
it spread automatically
across networks exploiting
a vulnerability in
Windows systems.
ββββββββββββββββββββββββββββββββββ
- Ransomware β The Most
Disruptive Threat
Ransomware deserves special attention
because of the scale and severity
of the damage it causes globally.
How ransomware works:
Step 1 – Entry
The ransomware enters the system –
typically through a phishing email
attachment, a malicious download,
or an unpatched vulnerability.
Step 2 – Encryption
It silently encrypts the victim’s
files – making them completely
inaccessible. Documents, databases,
images, spreadsheets – all locked.
Step 3 – Demand
A message appears demanding
payment – usually in cryptocurrency –
in exchange for the decryption key.
Step 4 – Decision
The victim must decide whether
to pay – with no guarantee
the key will be provided –
or attempt recovery through
backups and forensic tools.
The impact:
• Hospitals have been forced to
cancel patient care
• Schools have lost years of
student records
• Businesses have paid millions
to recover their data
• Government agencies have had
critical services disrupted
Who it targets:
Ransomware targets everyone –
individuals, small businesses,
hospitals, governments,
and multinational corporations.
The only reliable defence
against ransomware is regular,
tested backups stored separately
from the main system –
so that even if data is encrypted
it can be recovered without
paying the attacker.
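A "tested" backup is one you have restored and compared against the original. The sketch below is an added example, not part of the original lesson: it records a SHA-256 manifest at backup time and checks a restored copy against it. The file names and directory layout are constructed for the demo.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def verify_restore(manifest, restored_root):
    """Compare a restored copy against the manifest taken at backup time."""
    restored = build_manifest(restored_root)
    return {
        "missing": sorted(set(manifest) - set(restored)),
        "changed": sorted(p for p in manifest
                          if p in restored and manifest[p] != restored[p]),
        "unexpected": sorted(set(restored) - set(manifest)),
    }


def demo():
    """Constructed data: one clean restore, one with a lost and an altered file."""
    with tempfile.TemporaryDirectory() as tmp:
        src, good, bad = (Path(tmp) / n for n in ("source", "restore_ok", "restore_bad"))
        for d in (src, good, bad):
            d.mkdir()
        files = {"report.docx": b"quarterly figures", "db.sqlite": b"customer rows"}
        for name, data in files.items():
            (src / name).write_bytes(data)
            (good / name).write_bytes(data)
        # The bad restore: db.sqlite is absent, report.docx no longer matches,
        # and a file appears that was never part of the backup.
        (bad / "report.docx").write_bytes(b"\x8f\x02\xaa unreadable bytes")
        (bad / "unexpected.txt").write_bytes(b"constructed placeholder")
        manifest = build_manifest(src)
        return verify_restore(manifest, good), verify_restore(manifest, bad)


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Keep the manifest with the backup, away from the main system, so it cannot be altered together with the files it describes.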
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
4. Account Takeover
Account takeover occurs when
an attacker gains unauthorised
access to someone’s online
account – email, banking,
social media, or workplace systems.
It is one of the most common
and most damaging threats
facing individuals globally.
How accounts get taken over:
4.1 Credential Stuffing
Attackers take username and
password combinations stolen
in previous data breaches
and try them on other platforms.
If you use the same password
across multiple accounts –
one breach exposes all of them.
This is the most common cause
of account takeover globally.
4.2 Brute Force Attacks
Automated tools try thousands
of password combinations until
one works.
Simple, short, or predictable
passwords are particularly vulnerable.
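The two patterns in 4.1 and 4.2 leave different shapes in a login log: credential stuffing produces failures spread across many accounts, brute force produces many failures against one account. The detector below is an added example, not part of the original lesson. The log entries are constructed and the thresholds are illustrative assumptions.

```python
from collections import Counter, defaultdict

# Constructed failed-login events as (source_ip, username); not real data.
SAMPLE_FAILURES = (
    [("203.0.113.7", f"user{i}@example.com") for i in range(12)]  # 12 accounts, one try each
    + [("198.51.100.9", "amina@example.com")] * 15                # one account, 15 tries
    + [("192.0.2.44", "kwame@example.com")] * 2                   # an owner mistyping
)


def classify_sources(failures, min_failures=10, dominance=0.8):
    """Label each source IP by the shape of its failed logins.

    min_failures and dominance are illustrative thresholds (assumptions).
    """
    per_ip = defaultdict(Counter)
    for ip, user in failures:
        per_ip[ip][user] += 1

    verdicts = {}
    for ip, users in per_ip.items():
        total = sum(users.values())
        top_share = max(users.values()) / total
        if total < min_failures:
            verdicts[ip] = "normal"
        elif len(users) / total >= dominance:
            # Nearly every failure names a different account:
            # stolen username/password pairs being replayed.
            verdicts[ip] = "credential-stuffing"
        elif top_share >= dominance:
            # Nearly every failure hits the same account: password guessing.
            verdicts[ip] = "brute-force"
        else:
            verdicts[ip] = "review"
    return verdicts


if __name__ == "__main__":
    for ip, verdict in classify_sources(SAMPLE_FAILURES).items():
        print(ip, verdict)
```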
4.3 Phishing for Credentials
A fake login page that looks
identical to the real one –
you enter your username and
password and send them directly
to the attacker.
4.4 SIM Swap Attacks
Particularly prevalent in Africa –
an attacker convinces a mobile
network provider to transfer
a victim’s phone number to
a SIM card they control.
This gives them access to
SMS-based two-factor authentication
codes – bypassing what many
people believe is a secure
protection on their accounts.
What attackers do with
a taken-over account:
• Transfer funds from
banking accounts
• Use email access to launch
attacks on contacts
• Steal sensitive data
• Lock the legitimate owner out
• Use social media accounts
for scams or reputational damage
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
5. Protecting Yourself
Against Malware and
Account Takeover
Against malware:
• Keep all software and operating
systems updated – patches close
the vulnerabilities attackers exploit
• Only download software from
official, verified sources
• Never open email attachments
from unexpected or unknown senders
• Use reputable antivirus software
and keep it updated
• Never plug unknown USB drives
into your devices
• Back up important data regularly
to a separate, secure location
Against account takeover:
• Use unique passwords for
every account – a password
manager makes this manageable
• Enable two-factor authentication
on all critical accounts –
preferably using an authenticator
app rather than SMS
• Monitor accounts for
unexpected activity
• Check if your email or
password has appeared in
a known data breach at
haveibeenpwned.com
ββββββββββββββββββββββββββββββββββ
π Global and African Context
Ransomware attacks have affected
organisations across Africa –
including government agencies,
banks, and healthcare providers.
SIM swap fraud is a particularly
significant threat across Africa
where mobile money and
SMS-based authentication
are widely used.
Globally – the rise of
Ransomware as a Service (RaaS) –
where criminal groups sell
ransomware tools to other
attackers – has dramatically
lowered the technical barrier
to launching attacks and
increased the frequency
and scale of incidents.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Power Insight
The most powerful defence
against malware and account
takeover is not expensive
security software – it is
consistent habits. Keeping
software updated, using unique
passwords, enabling two-factor
authentication, and backing
up data regularly costs
almost nothing and eliminates
the vast majority of risk.
The professionals who do
these things consistently
are dramatically harder to
compromise than those who do not.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Quick Action Challenge
Takes 5 minutes:
Go to haveibeenpwned.com and
enter your email address.
This free, trusted service –
run by a respected security
researcher – checks whether
your email has appeared in
any known data breach.
If it has – change the
password on any account
that uses that email address
immediately.
If it has not – you now
have a tool you can check
periodically to stay informed.
Want to go deeper?
Enable two-factor authentication
on your most important account
this week – ideally your
primary email. Use an
authenticator app like
Google Authenticator or
Microsoft Authenticator
rather than SMS where possible.
It takes less than five minutes
and significantly raises
the cost of compromising
your account.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Sources & Further Reading
- Have I Been Pwned – Check if your email has been breached
  haveibeenpwned.com
- CISA – Ransomware Guide
  cisa.gov/ransomware
- Europol – Internet Organised Crime Threat Assessment (updated regularly)
  europol.europa.eu/internet-organised-crime-threat-assessment
- GSMA – SIM Swap Fraud in Africa
  gsma.com/security
- Malwarebytes – Malware Explained
  malwarebytes.com/malware
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Key Takeaway
Malware and account takeover
are not abstract threats –
they shut down hospitals,
drain bank accounts, and
destroy years of work every
single day across the world.
But they are also largely
preventable with consistent,
simple habits. Keep software
updated. Use unique passwords.
Enable two-factor authentication.
Back up your data. These four
habits alone eliminate the
vast majority of risk.
Do them. Every time.
Without exception.
